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AMENDMENTS TO THE CLAIMS : 

This listing of claims will replace all prior versions, 
and listings, of claims in the application: 



LISTING OF CLAIMS : 

1-8 . (canceled) 



9. (currently amended) System for data processing a 
security critical activity in a secure management mode in a 
computer, which computer comprises a processor (10), handling 
devices (20, 28-38), memory storage means (14, 42), hereafter 
named resources; that the system comprises a security device (50) 
comprising a processor (52) and signal generators (SG PM , SG A ) , a 
number of control means, hereafter named switches (60), with 
signal receivers (SR A , SR PM ) arranged respectively between the 
security device and pre-selected resources, that the switches 
contain information regarding accessibility to and from the 
resources, or parts of the resources, hereafter named resource 
ranges , characterized 

in that the security processor is arranged to execute 
the security critical activity, 

in that the switch controls requests from a processor 
of the computer procGooor , hereafter named the computer 
processor, to the resources or resource ranges depending on the 
information contained in the switch, and 
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in that in response to a call from the computer 
processor or the handling devices, the switches are activated by 
receiving a signal (SG PM ) from the security device, said signal 
(SG PM ) from the security device activating the switches to be in 
a condition i) enabling the security device and its security 
processor access to and from the resources or resource ranges 
selected by the security device and ii ) denying the computer 
processor access to and from the resources or resource ranges 
selected by the security device, 

in that the signal (SG PM ) can be generated only by the 
security device and 

in that the security device comprises a signal 
generator (SG A ) , 

wherein, when a switch receives a signal (SG A ), 
together with new information (addresses, operation, data), the 
security device is able of altering the a content of the 
information of that switch. 

10. (previously presented) System according to claim 9, 
characterized in that the information contained in the switches 
controls access to resources for requests from other possible 
processors contained in or connected to the computer. 

11. (previously presented) System according to claim 9, 
characterized in that the switches comprise a signal receiver 
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(SR S ) by which it can detect which source is handling the 
computer, and that the switch compares this with the resource 
which requests access to a resource or resource range controlled 
by the switch, and depending on the information in the switch, 
enables or denies access to that resource. 

12. (previously presented) System according to claim 9, 
characterized in that the information in the switch, enabling the 
switch to control certain areas of the memory means, are 
allocated to be accessed by the processor of the security device 
only . 

13. (previously presented) System according to claim 9, 
characterized in that the information in the switch enables the 
switch to control that certain resources are accessible by the 
computer processor when not in secure management mode, and only 
accessible by the security device when in secure management mode. 

14. (currently amended) System according to claim 9, 
characterized in that the switches are hardware switches^ 

the switches configured for i) a first normal mode 
wherein the computer processor has access to the resources, and 



ii) a second protected mode wherein 


the 


computer 


processor is 


denied access to the resources and 


the 


security 


processor is 



allowed access to the resources, and 
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said signal from the security device, enabling the 
security device and the security processor access to the 
resources and denying the computer processor access to the 
resources, changes the switches from the first normal mode into 
the second protected mode . 



15. (currently amended) System for data processing a 
security critical activity in a secure management mode in a 
computer, comprising: 

a computer comprising a computer processor (10), 
handling devices (20, 28-38), memory storage resources (14, 42); 

a security device (50) comprising a security device 
processor (52), and signal generators <SG PM , SG A ) inputting into 
the security device processor; and 

switch control means (60) comprising switches and 
signal receivers (SR A/ SR PM ) , the switches of the switch control 
means arranged respectively between the security device and pre- 
selected memory storage resources, wherein, 

the switches of the switch control means contain 
information regarding accessibility to and from the memory 
storage resources, or ranges within the memory storage resources, 
the security processor is arranged to execute the 
security critical activity, 

the switch control means, depending on the information 
contained in the switches, controls requests from the computer 
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processor to the memory storage resources or ranges within the 
memory storage resources, and 

in response to a call from the computer processor or 
the handling devices, the switches of the switch control means 
are activated by receiving a control signal (SG PM ) from the 
security device and the security device processor, said control 
signal (SGpm) activating the switches to be in a condition 

i) enabling the security device and the security device 
processor access to and from the memory storage resources or the 
ranges within the memory storage resources selected by the 
security device and 

ii) denying the computer processor access to and from 
the memory storage resources or the ranges within the memory 
storage resource selected by the security device, 

the control signal (SG PM ) can be generated only by the 
security device, 

upon any switch receiving a signal (SG A ) , together with 
new information (addresses, operation, data) , the security device 
is configured to alter tho a content of the information of that 
switch, and 

the security device processor is a different processor 
than the computer processor. 
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16. (currently amended) System for data processing a 
security critical activity in a secure management mode in a 
computer, comprising: 

a computer comprising a computer processor (10) 
connected to handling devices (20, 28-38) and to memory storage 
resources (14, 42); 

a security device (50) comprising a security device 
processor (52), and signal generators (SG PM , SG A ) inputting into 
the security device processor; and 

switch control means (60) comprising switches and 
signal receivers (SR A , SR PM ) / the switches of the switch control 
means arranged between the security device and pre-selected 
memory storage resources, wherein, 

the switches of the switch control means contain 
information regarding accessibility to and from the memory 
storage resources, 

the security processor is arranged to execute the 
security critical activity, 

the switch control means, based on the information 
contained in the switches, controls requests from the computer 
processor to the memory storage resources, and 

in response to a call from the computer processor, the 
switches of the switch control means are activated by receiving a 
control signal (SG PM ) from the security device and the security 
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device processor , said control signal (SG PM ) activating the 
switches to be in a condition to 

i) enable the security device and the security device 
processor access to and from the memory storage resources 
selected by the security device and 

ii) deny the computer processor access to and from the 
memory storage resources selected by the security device, 

the control signal (SG PM ) can be generated only by the 
security device, 

upon any switch receiving a signal (SG A ) , together with 
new information (addresses, operation, data) , the security device 
is configured to alter tho a content of the information of that 
switch, and 

the security device processor is a different processor 
than the computer processor. 

17. (new) System according to claim 15, wherein, 
the switches configured for i) a first normal mode 
wherein the computer processor has access to the resources, and 
ii) a second protected mode wherein the computer processor is 
denied access to the resources and only the security device 
processor has access to the resources, and 

said control signal (SG PM ) activating the switches 
changes the switches from the first normal mode into the second 
protected mode. 
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18. (new) System according to claim 16, wherein, 

the switches configured for i) a first normal mode 
wherein the computer processor has access to the resources, and 
ii) a second protected mode wherein the computer processor is 
denied access to the resources and only the security device 
processor has access to the resources, and 

said control signal (SG PM ) activating the switches 
changes the switches from the first normal mode into the second 
protected mode . 

19. (new) System according to claim 9, wherein, 

the switches each comprise a protection mode signal 
receiver (SR) configured to receive said signal from the security 
device activating the switches to be in the condition enabling 
the security device and the security processor access to the 
resources and denying the computer processor access to the 
resources , 

upon reception of said signal from the security device 
by the protection mode signal receiver, the protection mode 
signal receiver reconfigures the switches into a protection mode 
configuration allocating specific resources needed for executing 
the security critical activity to the security processor and 
denying the computer processor access to the specific resources, 
and 
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upon the switches being placed in the protection mode 
configuration, the security processor executes the security 
critical activity . 

20. (new) System according to claim 15, wherein, 

the switches each comprise a protection mode signal 
receiver (SR) configured to receive said signal from the security 
device activating the switches to be in the condition enabling 
the security device processor access to the resources and denying 
the computer processor access to the resources, 

upon reception of said signal from the security device 
by the protection mode signal receiver, the switches being 
reconfigured into a protection mode configuration allocating 
specific resources needed for executing the security critical 
activity to the security device processor and denying the 
computer processor access to the specific resources, and 

upon the switches being placed in the protection mode 
configuration, the security device processor executes the 
security critical activity. 



21. (new) System according to claim 16, wherein, 
the switches each comprise a protection mode signal 
receiver (SR) configured to receive said signal from the security 
device activating the switches to be in the condition enabling 
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the security device processor access to the resources and denying 
the computer processor access to the resources, 

upon reception of said signal from the security device 
by the protection mode signal receiver, the switches being 
reconfigured into a protection mode configuration allocating 
specific resources needed for executing the security critical 
activity to the security device processor and denying the 
computer processor access to the specific resources, and 

upon the switches being placed in the protection mode 
configuration, the security device processor executes the 
security critical activity. 
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